rpm package
suse/kernel-source&distro=SUSE Linux Enterprise Server 15 SP2-LTSS
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS
Vulnerabilities (812)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-48654 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() nf_osf_find() incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nft_osf which can be used to leak stale | ||
| CVE-2022-48651 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the AF_PACKET socket is changed from dev_queue_xmit() | ||
| CVE-2022-48631 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 28, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 When walking through an inode extents, the ext4_ext_binsearch_idx() function assumes that the extent header has been previously validated. | ||
| CVE-2024-26925 | Med | 5.5 | < 5.3.18-150200.24.194.1 | 5.3.18-150200.24.194.1 | Apr 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC | |
| CVE-2024-26923 | Med | 4.7 | < 5.3.18-150200.24.197.1 | 5.3.18-150200.24.197.1 | Apr 25, 2024 | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM | |
| CVE-2024-26921 | — | < 5.3.18-150200.24.197.1 | 5.3.18-150200.24.197.1 | Apr 18, 2024 | In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument. If the skb is a fragment and reassembly happens before such function call retu | ||
| CVE-2024-26906 | Med | 5.5 | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() When trying to use copy_from_kernel_nofault() to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to h | |
| CVE-2024-26903 | Med | 5.5 | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a no | |
| CVE-2024-26898 | Hig | 7.8 | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. | |
| CVE-2024-26852 | Hig | 7.8 | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Commit f7225172f25a ("net/ipv6: prevent use after free in ip6_route_mpath_notify") w | |
| CVE-2024-26862 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported: | ||
| CVE-2024-26840 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced obj | ||
| CVE-2024-26828 | — | < 5.3.18-150200.24.194.1 | 5.3.18-150200.24.194.1 | Apr 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b | ||
| CVE-2021-47219 | — | < 5.3.18-150200.24.200.1 | 5.3.18-150200.24.200.1 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() The following issue was observed running syzkaller: BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline] BUG: KASAN: slab | ||
| CVE-2021-47212 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update error handler for UCTX and UMEM In the fast unload flow, the device state is set to internal error, which indicates that the driver started the destroy process. In this case, when a destroy com | ||
| CVE-2021-47207 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from snd_gf1_dma_next_block could be null, so there is a potential null pointer dereference issue. Fix this by adding a null che | ||
| CVE-2021-47206 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value. | ||
| CVE-2021-47203 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass the requests to the adapter. If such an attempt fails, a local "fail_msg" str | ||
| CVE-2021-47201 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: iavf: free q_vectors before queues in iavf_disable_vf iavf_free_queues() clears adapter->num_active_queues, which iavf_free_q_vectors() relies on, so swap the order of these two function calls in iavf_disable_v | ||
| CVE-2021-47198 | — | < 5.3.18-150200.24.191.1 | 5.3.18-150200.24.191.1 | Apr 10, 2024 | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b" The NLP_REG_LOGIN_SEND nl |
- CVE-2022-48654Apr 28, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() nf_osf_find() incorrectly returns true on mismatch, this leads to copying uninitialized memory area in nft_osf which can be used to leak stale
- CVE-2022-48651Apr 28, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the AF_PACKET socket is changed from dev_queue_xmit()
- CVE-2022-48631Apr 28, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0 When walking through an inode extents, the ext4_ext_binsearch_idx() function assumes that the extent header has been previously validated.
- affected < 5.3.18-150200.24.194.1fixed 5.3.18-150200.24.194.1
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC
- affected < 5.3.18-150200.24.197.1fixed 5.3.18-150200.24.197.1
In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect() Garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. If such embryo has a peer that carries SCM
- CVE-2024-26921Apr 18, 2024affected < 5.3.18-150200.24.197.1fixed 5.3.18-150200.24.197.1
In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->sk as function argument. If the skb is a fragment and reassembly happens before such function call retu
- affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() When trying to use copy_from_kernel_nofault() to read vsyscall page through a bpf program, the following oops was reported: BUG: unable to h
- affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a no
- affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel.
- affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found another use-after-free in ip6_route_mpath_notify() [1] Commit f7225172f25a ("net/ipv6: prevent use after free in ip6_route_mpath_notify") w
- CVE-2024-26862Apr 17, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit() and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported:
- CVE-2024-26840Apr 17, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix memory leak in cachefiles_add_cache() The following memory leak was reported after unbinding /dev/cachefiles: ================================================================== unreferenced obj
- CVE-2024-26828Apr 17, 2024affected < 5.3.18-150200.24.194.1fixed 5.3.18-150200.24.194.1
In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "b
- CVE-2021-47219Apr 10, 2024affected < 5.3.18-150200.24.200.1fixed 5.3.18-150200.24.200.1
In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() The following issue was observed running syzkaller: BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline] BUG: KASAN: slab
- CVE-2021-47212Apr 10, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Update error handler for UCTX and UMEM In the fast unload flow, the device state is set to internal error, which indicates that the driver started the destroy process. In this case, when a destroy com
- CVE-2021-47207Apr 10, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: gus: fix null pointer dereference on pointer block The pointer block return from snd_gf1_dma_next_block could be null, so there is a potential null pointer dereference issue. Fix this by adding a null che
- CVE-2021-47206Apr 10, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL, we need check the return value.
- CVE-2021-47203Apr 10, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix list_add() corruption in lpfc_drain_txq() When parsing the txq list in lpfc_drain_txq(), the driver attempts to pass the requests to the adapter. If such an attempt fails, a local "fail_msg" str
- CVE-2021-47201Apr 10, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: iavf: free q_vectors before queues in iavf_disable_vf iavf_free_queues() clears adapter->num_active_queues, which iavf_free_q_vectors() relies on, so swap the order of these two function calls in iavf_disable_v
- CVE-2021-47198Apr 10, 2024affected < 5.3.18-150200.24.191.1fixed 5.3.18-150200.24.191.1
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b" The NLP_REG_LOGIN_SEND nl
Page 13 of 41